SecGen schemas
# SecGen schemas
- base_metadata_schema.xsd
- network_metadata_schema.xsd
- scenario_schema.xsd
- service_metadata_schema.xsd
- vulnerability_metadata_schema.xsd
All schemas can be found under the directory SecGen/lib/schemas/.
Each schema ensures all secgen_metadata.xml files and scenario files have a valid structure with valid values.
## The base schema
The base_metadata_schema.xsd schema controls the base tag. The options for the base tag are:
Tag: attributes and allowed values

Required values:
- name: any
- author: any
- module_licence: MIT, Apache v2, GPLv3
- description: any
- type: server, desktop, cli
- platform: any
- distro: any
- url: any

Optional values:
- reference: any
- software_name: any
- software_licence: any

conflict: module_path = any, name = any, author = any, module_licence = any, description = any, type = any, platform = any, distro = any, url = any, vagrantbase = any, reference = any, software_licence = any

requires: module_path = any, name = any, author = any, module_licence = any, description = any, type = any, platform = any, distro = any, url = any, vagrantbase = any, reference = any, software_licence = any

In other words:
Bases
Minimal secgen_metadata.xml
<?xml version="1.0"?>
<!--
  Smallest secgen_metadata.xml for a base module: required elements only.
  Template notation, not literal values: “String” stands for free text, and
  "A // B // C" lists the accepted values, of which one is chosen.
-->
<base xmlns="http://www.github/cliffe/SecGen/base"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://www.github/cliffe/SecGen/base">
  <!--
    NOTE(review): xsi:schemaLocation is defined as namespace/location pairs;
    only the namespace URI is given here. Presumably the validator is handed
    base_metadata_schema.xsd from SecGen/lib/schemas/ directly rather than
    resolving this hint. Confirm.
  -->
  <name>“String”</name>
  <author>“String”</author>
  <module_licence>MIT // Apache v2 // GPLv3</module_licence>
  <description>“String”</description>
  <type>server // desktop // cli</type>
  <platform>“String”</platform>
  <distro>“String”</distro>
  <url>“String”</url>
</base>
Maximum secgen_metadata.xml
<?xml version="1.0"?>
<!--
  Fullest secgen_metadata.xml for a base module: the required elements, the
  optional ones, and one conflict and one requires block.
  Template notation, not literal values: “String” / "String" stand for free
  text, and "A // B // C" lists the accepted values, of which one is chosen.
-->
<base xmlns="http://www.github/cliffe/SecGen/base"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://www.github/cliffe/SecGen/base">
  <!--
    NOTE(review): xsi:schemaLocation is defined as namespace/location pairs;
    only the namespace URI is given here. Presumably the validator is handed
    base_metadata_schema.xsd from SecGen/lib/schemas/ directly rather than
    resolving this hint. Confirm.
  -->

  <!-- Required elements -->
  <name>“String”</name>
  <author>“String”</author>
  <module_licence>MIT // Apache v2 // GPLv3</module_licence>
  <description>“String”</description>
  <type>server // desktop // cli</type>
  <platform>“String”</platform>
  <distro>“String”</distro>
  <url>“String”</url>

  <!-- Optional elements -->
  <reference>“String”</reference>
  <software_name>“String”</software_name>
  <software_licence>“String”</software_licence>

  <!-- Describes a module this one conflicts with; every field takes any string. -->
  <conflict>
    <module_path>"String"</module_path>
    <name>"String"</name>
    <author>"String"</author>
    <module_licence>"String"</module_licence>
    <description>"String"</description>
    <type>"String"</type>
    <platform>"String"</platform>
    <distro>"String"</distro>
    <url>"String"</url>
    <vagrantbase>"String"</vagrantbase>
    <reference>"String"</reference>
    <software_licence>"String"</software_licence>
  </conflict>

  <!-- Describes a module this one requires; same fields as conflict. -->
  <requires>
    <module_path>"String"</module_path>
    <name>"String"</name>
    <author>"String"</author>
    <module_licence>"String"</module_licence>
    <description>"String"</description>
    <type>"String"</type>
    <platform>"String"</platform>
    <distro>"String"</distro>
    <url>"String"</url>
    <vagrantbase>"String"</vagrantbase>
    <reference>"String"</reference>
    <software_licence>"String"</software_licence>
  </requires>
</base>
Minimal network secgen_metadata.xml module
<?xml version="1.0"?>
<!--
  Smallest secgen_metadata.xml for a network module.
  Template notation, not literal values: empty elements are to be filled in,
  "A // B" lists the accepted values (choose one), and the range text
  describes the expected dotted format rather than a usable address.
-->
<network xmlns="http://www.github/cliffe/SecGen/network"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://www.github/cliffe/SecGen/network">
  <!--
    NOTE(review): xsi:schemaLocation is defined as namespace/location pairs;
    only the namespace URI is given here. Presumably the validator is handed
    network_metadata_schema.xsd from SecGen/lib/schemas/ directly rather than
    resolving this hint. Confirm.
  -->
  <name></name>
  <author></author>
  <module_license>MIT // Apache v2 // GPLv3</module_license>
  <description></description>
  <type>public_network // private_network</type>
  <range>***.***.***.*** where * is 0-9</range>
</network>
Maximum network secgen_metadata.xml module
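<?xml version="1.0"?>
<!--
  Fullest secgen_metadata.xml for a network module: the required elements
  plus one conflict block.
  Template notation, not literal values: empty elements are to be filled in,
  "A // B" lists the accepted values (choose one), and the range text
  describes the expected dotted format rather than a usable address.
-->
<network xmlns="http://www.github/cliffe/SecGen/network"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://www.github/cliffe/SecGen/network">
  <!--
    NOTE(review): xsi:schemaLocation is defined as namespace/location pairs;
    only the namespace URI is given here. Presumably the validator is handed
    network_metadata_schema.xsd from SecGen/lib/schemas/ directly rather than
    resolving this hint. Confirm.
  -->
  <name></name>
  <author></author>
  <module_license>MIT // Apache v2 // GPLv3</module_license>
  <description></description>
  <type>public_network // private_network</type>
  <range>***.***.***.*** where * is 0-9</range>

  <!-- Describes a network module this one conflicts with. -->
  <conflict>
    <name></name>
    <author></author>
    <!--
      The closing tag now matches the opening tag; a license/licence mismatch
      is not well-formed XML and is rejected before schema validation runs.
      NOTE(review): the base examples on this page spell the element
      module_licence. Confirm which spelling network_metadata_schema.xsd expects.
    -->
    <module_license></module_license>
    <description></description>
    <type></type>
    <range></range>
  </conflict>
</network>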
Services secgen_metadata.xml
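<?xml version="1.0"?>
<!--
  Template secgen_metadata.xml for a service module.
  Template notation, not literal values: ”” stands for free text and
  "A // B" lists the accepted values, of which one is chosen.
  Every closing tag now matches its opening tag (the root closes as service,
  and license/licence mismatches are resolved to the spelling of the opening
  tag); mismatched tags are not well-formed XML and are rejected before
  schema validation runs.
-->
<service xmlns="http://www.github/cliffe/SecGen/service"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://www.github/cliffe/SecGen/service">
  <!--
    NOTE(review): xsi:schemaLocation is defined as namespace/location pairs;
    only the namespace URI is given here. Presumably the validator is handed
    service_metadata_schema.xsd from SecGen/lib/schemas/ directly rather than
    resolving this hint. Confirm.
  -->
  <name>””</name>
  <author>””</author>
  <module_license>MIT // Apache v2</module_license>
  <description>””</description>
  <type>””</type>
  <platform>linux // unix // windows</platform>

  <!--optional details-->
  <reference>””</reference>
  <software_name>””</software_name>
  <software_license>””</software_license>

  <!--Conflicts ensure no duplicate software installations-->
  <!--
    NOTE(review): software_name already appears among the optional details
    above; this second occurrence looks like a copy-paste leftover. Confirm
    against service_metadata_schema.xsd before reusing the template.
  -->
  <software_name>””</software_name>
  <conflict>
    <module_path>””</module_path>
    <name>””</name>
    <author>””</author>
    <module_license>””</module_license>
    <description>””</description>
    <type>””</type>
    <platform>linux // unix // windows</platform>
    <reference>””</reference>
    <software_name>””</software_name>
    <software_license>””</software_license>
  </conflict>

  <!--Requires ensures all prerequisite modules installed-->
  <requires>
    <module_path>””</module_path>
    <name>””</name>
    <author>””</author>
    <module_license>””</module_license>
    <description>””</description>
    <type>””</type>
    <platform>linux // unix // windows</platform>
    <reference>””</reference>
    <software_name>””</software_name>
    <software_license>””</software_license>
  </requires>
</service>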
Vulnerability secgen_metadata.xml
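<?xml version="1.0"?>
<!--
  Template secgen_metadata.xml for a vulnerability module.
  Template notation, not literal values: ”” stands for free text,
  "A // B" lists the accepted values (choose one), and the cve, cvss_vector
  and msf_module entries show the pattern a value has to match.
  The author's inline reminders, which sat as loose text after elements (one
  of them starting with a bare "<", which is not well-formed), are now XML
  comments.
-->
<vulnerability xmlns="http://www.github/cliffe/SecGen/vulnerability"
               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
               xsi:schemaLocation="http://www.github/cliffe/SecGen/vulnerability">
  <!--
    NOTE(review): xsi:schemaLocation is defined as namespace/location pairs;
    only the namespace URI is given here. Presumably the validator is handed
    vulnerability_metadata_schema.xsd from SecGen/lib/schemas/ directly rather
    than resolving this hint. Confirm.
  -->
  <name>””</name>
  <author>””</author>
  <module_license>MIT // Apache v2</module_license>
  <description>””</description>
  <type>””</type>
  <!-- Todo - need to add information leakage to privilege -->
  <privilege>information_leakage // user // root</privilege>
  <access>remote // local</access>
  <platform>linux // unix // windows</platform>

  <!--optional vulnerability details-->
  <difficulty>low // medium // high</difficulty>
  <!--
    NOTE(review): CVE IDs carry at least four digits after the year, so the
    lower bound of 1 in {1,39} is looser than the CVE ID syntax. Confirm
    whether the schema should require four or more.
  -->
  <cve>CVE-[0-9]{4}-[0-9]{1,39}</cve>
  <!--
    NOTE(review): CVSS base scores run from 0.0 to 10.0; confirm the schema
    accepts the two-digit 10.0 as well as single-digit scores.
  -->
  <cvss_base_score>*.* where * is 0-9</cvss_base_score>
  <!--
    The pattern below is the CVSS v2 base-vector layout (Au metric, N|P|C
    impact values); CVSS v3.x vectors will not match it.
  -->
  <cvss_vector>AV:(L|A|N)/AC:(H|M|L)/Au:(M|S|N)/C:(N|P|C)/I:(N|P|C)/A:(N|P|C)</cvss_vector>
  <reference>””</reference>
  <software_name>nfsd</software_name>
  <software_license>GPLv2</software_license>

  <!--optional breadcrumb (info that is leaked and required to exploit)-->
  <breadcrumb>””</breadcrumb>

  <!--optional hints-->
  <msf_module>exploit/[a-zA-Z0-9_\-/]+</msf_module>
  <hint>””</hint>
  <solution>””</solution>

  <!-- Describes a vulnerability module this one conflicts with. -->
  <conflict>
    <module_path>””</module_path>
    <name>””</name>
    <author>””</author>
    <module_license>””</module_license>
    <description>””</description>
    <type>””</type>
    <privilege>user // root</privilege>
    <access>remote // local</access>
    <!-- need to add windows to schema -->
    <platform>linux // unix // windows</platform>
    <difficulty>low // medium // high</difficulty>
    <cve>CVE-[0-9]{4}-[0-9]{1,39}</cve>
    <cvss_base_score>*.* where * is 0-9</cvss_base_score>
    <cvss_vector>AV:(L|A|N)/AC:(H|M|L)/Au:(M|S|N)/C:(N|P|C)/I:(N|P|C)/A:(N|P|C)</cvss_vector>
    <reference>””</reference>
    <software_name>””</software_name>
    <software_license>””</software_license>
    <breadcrumb>””</breadcrumb>
    <msf_module>exploit/[a-zA-Z0-9_\-/]+</msf_module>
    <hint>””</hint>
    <solution>”"</solution>
  </conflict>

  <!-- Describes a vulnerability module this one requires; same fields as conflict. -->
  <requires>
    <module_path>””</module_path>
    <name>””</name>
    <author>””</author>
    <module_license>””</module_license>
    <description>””</description>
    <type>””</type>
    <privilege>user // root</privilege>
    <access>remote // local</access>
    <!-- need to add windows to schema -->
    <platform>linux // unix // windows</platform>
    <difficulty>low // medium // high</difficulty>
    <cve>CVE-[0-9]{4}-[0-9]{1,39}</cve>
    <cvss_base_score>*.* where * is 0-9</cvss_base_score>
    <cvss_vector>AV:(L|A|N)/AC:(H|M|L)/Au:(M|S|N)/C:(N|P|C)/I:(N|P|C)/A:(N|P|C)</cvss_vector>
    <reference>””</reference>
    <software_name>””</software_name>
    <software_license>””</software_license>
    <breadcrumb>””</breadcrumb>
    <msf_module>exploit/[a-zA-Z0-9_\-/]+</msf_module>
    <hint>””</hint>
    <solution>”"</solution>
  </requires>
</vulnerability>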